DSpace at ICSY: Use Cases for Authorization in Grid-Middleware

	About DSpace Software

	Home

Browse
	Communities & Collections
	Titles
	Authors
	Subjects
	By Date

Sign on to:
	Receive email updates
	My DSpace authorized users
	Edit Profile


	About DSpace

DSpace at ICSY >
ICSY - Integrated Communication Systems Lab >
02: Reports / Berichte >

Please use this identifier to cite or link to this item: http://hdl.handle.net/123456789/188

Title:	Use Cases for Authorization in Grid-Middleware
Authors:	Dussa, Tobias Epting, Ursula Filipovic, Bartol Foest, Gerti Götze, Joachim Grimm, Christian Hillenbrand, Markus Kohlschütter, Christian Lohner, Ralf Müller, Paul Pattloch, Marcus Piger, Stefan Straub, Tobias Wiebelitz, Jan
Keywords:	DGI AAI
Issue Date:	28-Sep-2006
Abstract:	Security services in Grid environments, especially the authentication but also parts of the user authorization are largely based on PKI and X.509 certificates. In contrast to the well-established authentication infrastructures, the harmonization of authorization mechanisms as implemented in the examined Grid middlewares – Globus Toolkit 4, gLite and UNICORE – turns out to be a complex challenge. As a preliminary work towards a common D-Grid wide AAI, a study of the different authorization approaches for common use cases was conducted. The aim of this work was to examine the feasibility of a common authorization infrastructure of these Grid middlewares. The use cases were defined from two different perspectives: authorization measures by users and by administrators. The regarded application areas were computing and information services as well as data and VO management. All results are based on practical experiences. Only the means supported by a standard deployment of the respective middleware have been considered, i.e. without additional (3rd party) software. The report confirms the predominant notion of the inhomogeneous and coarse grained authorization mechanisms in current Grid middlewares. Furthermore, we found that authorization functionality differs greatly especially between Globus Toolkit 4 and gLite on one side and UNICORE on the other side. This most prominently results from the current lack of the VO paradigm in UNICORE. Thus, a harmonization of the authorization infrastructure appears feasible on a high-level between the first two middlewares. The inclusion of UNICORE in such a concept requires substantial modifications of the middleware itself.
URI:	http://dspace.icsy.de/handle/123456789/188
Appears in Collections:	02: Reports / Berichte

Files in This Item:

File	Description	Size	Format
Use_Cases_V13.pdf		558,37 kB	Adobe PDF	View/Open

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.

DSpace Repository of the Integrated Communication Systems Lab (ICSY), University of Kaiserslautern, Germany - Feedback